Facebook Unrepentant as Apple Restores Its Enterprise Certification

Facebook has been allowed back into Apple’s Developer Enterprise Program after it had its enterprise certificates revoked by Apple for violating the terms of the program.

It was revealed earlier this week that the social media giant had been abusing the privileges of its license agreement with Apple by inviting users to install an invasive monitoring app as part of a research study. Apple quickly responded by revoking the certificates used to install apps under the enterprise developer program.

While this had no effect on Facebook’s consumer-facing apps on the App Store, it effectively invalidated the “Facebook Research” app while also wreaking havoc on Facebook’s internal operations, impacting both in-house iOS apps and under-development versions of its public apps used by company employees.

However, Facebook issued a statement to Mike Isaac of The New York Times, noting that the company has had its Enterprise Certification restored and is “in the process of getting [its] internal apps up and running.”

Since previous reports suggested that Apple had revoked the Enterprise Developer certificate entirely, the result is that Facebook likely had to receive a new certificate, which will require them to re-sign and re-distribute their legitimate internal apps to their employees.

This also ensures that the company’s research app — which had likely already been installed on many external users’ iPhones — won’t simply start working again.

Facebook has already committed to discontinuing the Facebook Research iOS app, so it’s unlikely the company is going to risk incurring the wrath of Apple once again by distributing a new version of it even to its own employees.

However, the company has been relatively unrepentant about its actions, and in a leaked memo obtained by Business Insider, goes so far as to defend its decisions while also skirting the issue of whether the company feels that it violated any of the terms of its agreement with Apple.

In the memo, Facebook executive Pedro Canahuati justified Facebook’s approach as a “valid method of market research” and offers a deeper insight into not only what Facebook was trying to accomplish with the app, but also how it tries to internally put a positive spin on incidents like this.

Asking users to allow us to collect data on their device usage is a highly efficient way of getting industry data from closed ecosystems, such as iOS and Android. We believe this is a valid method of market research.

Pedro Canahuati, VP Production Engineering & Security at Facebook

In the memo, Canahuati denies that Facebook’s research app read users’ private messages, stating that it only looked at information like message length and the amount of time spent watching videos. The goal, Canahuati says, was to “understand how people use apps” and not to “look at what they share or see.” He also added that the app was designed to specifically ignore information from financial and health apps.

Addressing Apple’s decision to revoke Facebook’s enterprise certificate, Canahuati took no responsibility on Facebook’s behalf, stating that it was Apple’s opinion — and by implication, not Facebook’s — that the terms of the agreement were violated.

Apple’s view is that we violated their terms. We wouldn’t put that relationship at risk intentionally.

Pedro Canahuati, VP Production Engineering & Security at Facebook

However, Canahuati also added that of course Facebook wouldn’t risk souring its relationship with Apple, which is understandable considering the impact that the revocation of its enterprise certificate had on its internal operations, with the memo noting that apps that were used for “everything from communicating with colleagues to company transportation” were suddenly rendered inoperable. According to an earlier report by Business Insider, Facebook employees were furious about the move, with some blaming their own colleagues for releasing an app that violated its agreements, while others suggested that the entire thing was the result of a vendetta by Apple against Facebook.

By contrast, when it was discovered shortly afterward that Google has been using its own Developer Enterprise program to do almost the exact same type of app-based research, the search giant almost immediately pulled the app and issued an abject apology, likely hoping to avoid the fate the befell Facebook. Despite this, however, Apple still took the position of revoking Google’s Enterprise certificates as well, but also issued a statement saying, “We are working together with Google to help them reinstate their enterprise certificates very quickly” — a conspicuous move considering that Apple has said nothing at all about the situation with Facebook.